[Zope-CMF] Login oddities

Raphael Ritz r.ritz@biologie.hu-berlin.de
Thu, 20 Feb 2003 17:28:03 +0100


Greg Ward wrote:

>Update: this problem doesn't appear to have anything to do with the
>"members-only" site: I created yet another brand-new CMF site, and
>didn't touch any privileges or the login form this time.  Added a user
>for each role: man (Manager), member (Member), owner (Owner) and rev
>(Reviewer), as well as 'luser' with no roles.
>
>'man' and 'member' can login just fine.  'owner', 'rev', and 'luser'
>cannot login at all.  Nothing is logged, and there's no information on
>the regenerated login form.
>
Users can have multiple roles. What happens if you assign the
'owner' and 'rev' users the 'Member' role in addition? Does that help?

It shouldn't be necessary though, but if you start manipulating permissions
for 'Member' let's say and you do not repeat those changes for
the 'Reviewer' role also, then you can easily end up having 'Reviewers'
less privileged than 'Members' (e.g., if you tick off 'Acquire ...' for 
some
permission and only grant it to 'Members' only even 'Managers' will
loose this permission).

Raphael


>
>So what's going on here?  Does user authentication even work in CMF 1.3?
>
for me it does.

>
>        Greg
>  
>